Aix@5.3 Security Vulnerabilities and Issues — Page 2 of Aix@5.3 CVE List

Lucene search

IbmAix5.3

110 matches found

CVE•added 2009/03/04 11:30 a.m.•42 views

CVE-2009-0779

Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string."

7.2CVSS6.8AI score0.00063EPSS

CVE•added 2005/01/10 5:0 a.m.•41 views

CVE-2004-1028

Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod.

7.2CVSS6.8AI score0.00046EPSS

CVE•added 2005/07/12 4:0 a.m.•41 views

CVE-2005-2235

Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.

7.2CVSS7.8AI score0.00057EPSS

CVE•added 2006/09/01 11:4 p.m.•41 views

CVE-2006-4522

Unspecified vulnerability in dtterm in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code with root privileges via unspecified vectors.

7.2CVSS7.5AI score0.00053EPSS

CVE•added 2007/06/04 5:30 p.m.•41 views

CVE-2007-2995

Unspecified vulnerability in sysmgt.websm.rte in IBM AIX 5.2.0 and 5.3.0 has unknown impact and attack vectors.

4.3CVSS6.3AI score0.00668EPSS

CVE•added 2007/08/08 10:17 p.m.•41 views

CVE-2007-4237

Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges.

6.9CVSS6.8AI score0.0006EPSS

CVE•added 2007/11/05 4:46 p.m.•41 views

CVE-2007-4513

Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.

7.2CVSS6.5AI score0.00179EPSS

CVE•added 2009/07/13 2:30 p.m.•41 views

CVE-2009-2434

Buffer overflow in the syscall implementation in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.8AI score0.00058EPSS

CVE•added 2012/07/30 7:55 p.m.•41 views

CVE-2012-0723

The kernel in IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly implement the dupmsg system call, which allows local users to cause a denial of service (system crash) via a crafted application.

4.9CVSS5.8AI score0.00065EPSS

CVE•added 2005/09/30 7:10 p.m.•40 views

CVE-2005-3060

Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.

7.2CVSS7.3AI score0.0013EPSS

CVE•added 2007/08/08 10:17 p.m.•40 views

CVE-2007-4238

AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit.

6.9CVSS6.9AI score0.00057EPSS

CVE•added 2007/08/15 12:17 a.m.•40 views

CVE-2007-4354

Buffer overflow in fileplace in bos.perf.tools in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.7AI score0.00049EPSS

CVE•added 2009/06/08 1:0 a.m.•40 views

CVE-2009-1954

Unspecified vulnerability in portmapper (aka portmap) in IBM AIX 5.3 allows attackers to cause a denial of service (daemon hang) via unknown vectors, related to libtli.

7.8CVSS6.5AI score0.00468EPSS

CVE•added 2010/09/16 9:0 p.m.•40 views

CVE-2010-3405

Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.

6.8CVSS6.4AI score0.00061EPSS

CVE•added 2005/01/06 5:0 a.m.•39 views

CVE-2004-1330

Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username.

7.2CVSS7.9AI score0.00331EPSS

CVE•added 2005/07/12 4:0 a.m.•39 views

CVE-2005-2233

Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare.

7.2CVSS8.1AI score0.00049EPSS

CVE•added 2005/10/23 10:2 a.m.•39 views

CVE-2005-3289

LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file.

2.1CVSS6.2AI score0.00134EPSS

CVE•added 2007/02/03 12:28 a.m.•39 views

CVE-2007-0670

Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the "r-commands", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin.

4.6CVSS7.5AI score0.00096EPSS

CVE•added 2012/03/02 10:55 p.m.•39 views

CVE-2011-1385

IBM AIX 5.3, 6.1, and 7.1, and VIOS 2.1.x and 2.2.x, allows remote attackers to cause a denial of service (system crash) via an ICMP Echo Reply packet that contains 1 in the Identifier field, a different vulnerability than CVE-2012-0194.

7.8CVSS6.2AI score0.0527EPSS

CVE•added 2016/09/26 5:59 p.m.•39 views

CVE-2016-6038

Directory traversal vulnerability in Eclipse Help in IBM Tivoli Lightweight Infrastructure (aka LWI), as used in AIX 5.3, 6.1, and 7.1, allows remote authenticated users to read arbitrary files via a crafted URL.

6.5CVSS5.9AI score0.00224EPSS

CVE•added 2005/11/01 12:47 p.m.•38 views

CVE-2005-3396

Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.

7.5CVSS7.6AI score0.01851EPSS

CVE•added 2005/12/15 10:3 p.m.•38 views

CVE-2005-4273

Multiple unspecified vulnerabilities in (1) getShell and (2) getCommand in IBM AIX 5.3 allow local users to append to arbitrary files.

2.1CVSS6.6AI score0.00063EPSS

CVE•added 2007/06/04 5:30 p.m.•38 views

CVE-2007-2996

Unspecified vulnerability in perl.rte 5.8.0.10 through 5.8.0.95 on IBM AIX 5.2, and 5.8.2.10 through 5.8.2.50 on AIX 5.3, allows local users to gain privileges via unspecified vectors related to the installation and "waiting for a legitimate user to execute a binary that ships with Perl."

6.6CVSS6.6AI score0.00044EPSS

CVE•added 2007/09/10 9:17 p.m.•38 views

CVE-2007-4794

Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.

7.2CVSS6.7AI score0.00049EPSS

CVE•added 2008/02/05 3:0 a.m.•38 views

CVE-2008-0588

Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.6AI score0.00051EPSS

CVE•added 2005/02/10 5:0 a.m.•37 views

CVE-2005-0261

lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files.

2.1CVSS6.8AI score0.0007EPSS

CVE•added 2005/05/02 4:0 a.m.•37 views

CVE-2005-0263

Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.

7.2CVSS7.9AI score0.00432EPSS

CVE•added 2005/11/22 11:3 a.m.•37 views

CVE-2005-3749

Unspecified "absolute path vulnerabilities" in the diagela command (diagela.sh) in IBM AIX 5.2 and 5.3 have unknown impact and attack vectors.

7.2CVSS6.5AI score0.00064EPSS

CVE•added 2005/12/08 1:3 a.m.•37 views

CVE-2005-4068

Unspecified "absolute path vulnerability" in umountall in IBM AIX 5.1 through 5.3 allows local users to cause unknown impact via unknown vectors.

7.2CVSS6.1AI score0.00068EPSS

CVE•added 2006/03/10 1:2 a.m.•37 views

CVE-2006-0667

lscfg in IBM AIX 5.2 and 5.3 allows local users to modify arbitrary files via a symlink attack.

4.6CVSS6.1AI score0.00065EPSS

CVE•added 2006/05/30 10:2 a.m.•37 views

CVE-2006-2647

Untrusted search path vulnerability in update_flash for IBM AIX 5.1, 5.2 and 5.3 allows local users to execute arbitrary commands via unknown vectors involving lsmcode and possibly other commands.

7.2CVSS7.1AI score0.00051EPSS

CVE•added 2008/03/31 11:44 p.m.•37 views

CVE-2008-1599

The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, which allows local users to gain privileges by invoking (1) atmstat, (2) entstat, (3) fddistat, (4) hdlcstat, or (5) tokstat.

7.2CVSS6.3AI score0.00065EPSS

CVE•added 2009/01/30 7:30 p.m.•36 views

CVE-2009-0370

Multiple unspecified vulnerabilities in IBM AIX 5.2.0 through 6.1.2 allow local users to append data to arbitrary files, related to (1) rmsock and (2) rmsock64 not creating "secure log files."

7.2CVSS6.4AI score0.00066EPSS

CVE•added 2007/02/16 1:28 a.m.•35 views

CVE-2007-0978

Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data.

7.2CVSS6.5AI score0.00058EPSS

CVE•added 2007/08/08 10:17 p.m.•35 views

CVE-2007-4236

Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group privileges to gain root privileges.

6.9CVSS6.9AI score0.00053EPSS

CVE•added 2007/09/10 9:17 p.m.•35 views

CVE-2007-4798

Unspecified vulnerability in invscout in Inventory Scout in invscout.rte in IBM AIX 5.2 and 5.3 allows local users to delete system files that have names matching the final substring of a hostname alias, as demonstrated by hostnames ending in "unix".

6.6CVSS6.1AI score0.00048EPSS

CVE•added 2007/11/05 5:46 p.m.•35 views

CVE-2007-5804

cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create or overwrite an arbitrary file, and enable world writability of this file, by using the file's name as the argument.

6.9CVSS6.3AI score0.0005EPSS

CVE•added 2008/06/02 9:30 p.m.•35 views

CVE-2008-2515

Unspecified vulnerability in iostat in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown vectors related to an "environment variable handling error."

7.2CVSS6AI score0.00064EPSS

CVE•added 2006/08/21 8:4 p.m.•34 views

CVE-2006-4254

Unspecified vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 allows local users to gain privileges via unspecified vectors.

7.5CVSS6.2AI score0.01768EPSS

CVE•added 2007/09/10 9:17 p.m.•34 views

CVE-2007-4795

Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.

7.2CVSS6.6AI score0.00051EPSS

CVE•added 2007/09/10 9:17 p.m.•34 views

CVE-2007-4799

The perfstat kernel extension in bos.perf.perfstat in AIX 5.3 does not verify privileges when processing a SET call, which allows local users to cause a denial of service (system hang or crash) via unspecified SET operations.

4.9CVSS6.3AI score0.00048EPSS

CVE•added 2007/11/05 5:46 p.m.•34 views

CVE-2007-5805

cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to swcons, which allows local users in the system group to create an arbitrary file, and enable world writability of this file, via a symlink attack involving use of the file's name as the argument. NOTE: this ...

6.9CVSS6.3AI score0.0005EPSS

CVE•added 2008/02/05 3:0 a.m.•34 views

CVE-2008-0586

Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd program in bos.clvm.enh.

7.2CVSS6.5AI score0.00055EPSS

CVE•added 2008/03/31 11:44 p.m.•34 views

CVE-2008-1595

The proc filesystem in the kernel in IBM AIX 5.2 and 5.3 does not properly enforce directory permissions when a file executing from a directory has weaker permissions than the directory itself, which allows local users to obtain sensitive information.

4.9CVSS5.8AI score0.00046EPSS

CVE•added 2009/04/21 4:24 p.m.•34 views

CVE-2009-1355

Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename.

7.2CVSS6.6AI score0.00071EPSS

CVE•added 2006/08/28 8:4 p.m.•33 views

CVE-2006-4416

Untrusted search path vulnerability in the mkvg command in IBM AIX 5.2 and 5.3 allows local users to gain privileges by modifying the path to point to a malicious (1) chdev, (2) mkboot, (3) varyonvg, or (4) varyoffvg program.

7.2CVSS6.5AI score0.00081EPSS

CVE•added 2007/09/10 9:17 p.m.•33 views

CVE-2007-4793

Buffer overflow in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.7AI score0.00051EPSS

CVE•added 2008/01/25 1:0 a.m.•33 views

CVE-2007-5764

Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option.

7.2CVSS6.3AI score0.0007EPSS

CVE•added 2008/02/05 3:0 a.m.•33 views

CVE-2008-0587

Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

7.2CVSS6.6AI score0.00055EPSS

CVE•added 2008/02/05 3:0 a.m.•33 views

CVE-2008-0589

The ps program in bos.rte.control in IBM AIX 5.2, 5.3, and 6.1 allows local users to obtain sensitive information via unspecified vectors.

4.9CVSS5.3AI score0.00054EPSS

Total number of security vulnerabilities110